Well, I signed up for my OpenID a while ago, at your suggestion. Now I'm waiting for the plethora of web sites that will use it! I suspect it's gonna be a long wait.

I think that once Wikipedia begins to support it (which seems to be in progress), there will begin to be a lot more demand for other wikis, blogs, and similar to support it. The commercial sites will take longer. --Joey

Joosteto: I just clicked on your blog to get a openID, and it seems I succeeded, but when clicking on the confirmation link in the confirmation email, I get: joey/ Error Error: unknown do parameter From: http://kitenet.net/~joey/ikiwiki.cgi?do=postlogin&openid_identifier=http%3A%2F%2Fjoosteto.myopenid.com%2F

I can't reproduce that, just signed up for a new account and went through ok including using the confirmation link in the email. This might have been a transient issue of some kind, or possibly a browser issue, I'm not sure. I can't even reproduce it using the URL you gave me; ikiwiki seems to do the correct redirect to the provider using that URL. --Joey

Anyway, wasn't the main idea of these captcha's to distinguish between human beings and spam-robots? It looks to me like spamming via OpenID can be easily automated.

OpenID leaves protecting against abusive creation of logins in the hands of the OpenID provider. Of course, one can block a given spamming OpenID, but they can easily get a new OpenID from their provider. So it's up to the provider to do something to block such a user. The current set of providers seem to do at least a good a job as your typical captcha, and they can scale up to any level necessary to stop spammers. And of course, the good guys at best only have to go through the email confirmation (or captcha (or personal phone call)) business once to get an ID, not once per website.

Of course, the OpenID protocol also allows anyone to set up as an OpenID provider, including spammers. I won't be suprised if we end up needing to develop blacklists of rogue OpenID providers. Happily, the protocol makes it easy to get their IP addresses. :-) --Joey